Differentiate inline-signed messages between one-pass-signed and prefix-signed messages

Paul Schaub 2023-12-14 12:35:23 +01:00
parent 6d63342455
commit 01e18a835b
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 14 additions and 2 deletions

@ -313,7 +313,10 @@ Notation Tag
Part of a {term}`Notation` name. Part of a {term}`Notation` name.
One-pass Signature Packet One-pass Signature Packet
One or more {term}`packets<OpenPGP Signature Packet>` before the actual data in a {term}`Data Signature` which contain information to allow a receiving {term}`implementation<OpenPGP Implementation>` to create {term}`hashes<Hash Digest>` required for signature verification. See [RFC 5.4](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#one-pass-sig) for more details. One or more {term}`packets<Packet>` before the actual data in a {term}`Data Signature` which contain information to allow a receiving {term}`implementation<OpenPGP Implementation>` to create {term}`hashes<Hash Digest>` required for signature verification. See [RFC 5.4](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#one-pass-sig) for more details.
One-pass-signed Message
A {term}`OpenPGP Message` signed using one or more {term}`One-pass signatures<One-pass Signature Packet>`.
OpenPGP Certificate OpenPGP Certificate
An OpenPGP certificate contains public key material, identity claims and third party certifications (but no private key material) An OpenPGP certificate contains public key material, identity claims and third party certifications (but no private key material)
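Review bot: In the added "One-pass-signed Message" entry, the definition opens with "A {term}`OpenPGP Message`", which should read "An", as the "Prefixed-Signed Message" entry added by the same commit does. Since the two entries describe the two constructions for inline-signed messages, a cross-reference from this entry to the prefixed variant would help readers who land here first.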
@ -405,6 +408,8 @@ Preferred AEAD Ciphersuites Subpacket
See [RFC 5.2.3.15](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-preferred-aead-ciphersuites) See [RFC 5.2.3.15](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-preferred-aead-ciphersuites)
Prefixed-Signed Message
An {term}`OpenPGP Message` with one or more prefixed {term}`signature packets<OpenPGP Signature Packet>`.
Primary Component Key Primary Component Key
See {term}`OpenPGP Primary Key`. See {term}`OpenPGP Primary Key`.
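Review bot: The new entry name "Prefixed-Signed Message" capitalizes "Signed", while the sibling entry is "One-pass-signed Message", the references added in the other file target "Prefixed-signed Message", and the commit title says "prefix-signed". Pick one spelling and use it for the entry name and for every {term} target. The definition would also be clearer if it stated what the signature packets are prefixed to, as the bullet in the other file does.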

@ -54,7 +54,12 @@ This method is commonly used for signing or encrypting emails. Most email softwa
#### Structure #### Structure
An {term}`inline-signed<Inline Signature>` {term}`OpenPGP message` consists of three segments: There are two different constructions available to generate inline-signed messages:
* {term}`One-pass-signed messages<One-pass-signed Message>` are signed using one ore more {term}`one-pass signatures<One-pass Signature Packet>`
* {term}`Prefixed-signed messages<Prefixed-signed Message>` have the actual signature(s) prefixed to the {term}`OpenPGP message<OpenPGP Message>`.
A {term}`one-pass-signed<One-pass-signed Message>` {term}`OpenPGP message` consists of three segments:
1. [**One-pass signature packets**](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#one-pass-sig): These one or more {term}`packets<Packet>` precede the signed data and enable {term}`signature<OpenPGP Signature Packet>` computation in one pass. 1. [**One-pass signature packets**](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#one-pass-sig): These one or more {term}`packets<Packet>` precede the signed data and enable {term}`signature<OpenPGP Signature Packet>` computation in one pass.
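Review bot: The first added bullet contains the typo "one ore more" and has no closing period, while the second bullet ends with one. Change it to "one or more" and punctuate both bullets the same way. The bullets also use "Prefixed-signed" where the glossary entry is named "Prefixed-Signed Message", so the target should match whichever spelling the glossary settles on.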
@ -62,6 +67,8 @@ An {term}`inline-signed<Inline Signature>` {term}`OpenPGP message` consists of t
3. **{term}`Data signature packets<OpenPGP Signature Packet>`**: These contain the {term}`cryptographic signature` corresponding to the original data. 3. **{term}`Data signature packets<OpenPGP Signature Packet>`**: These contain the {term}`cryptographic signature` corresponding to the original data.
Less commonly used are {term}`prefixed-signed messages<Prefixed-signed Message>`, where the {term}`signature packet(s)<signature packet>` are simply prepended to the message.
#### Creation #### Creation
To produce an {term}`inline signature`, the {term}`signer` processes the entirety of the data by reading from an input file and writing into an output {term}`OpenPGP message` file. As the data is processed, the {term}`signer` simultaneously calculates a {term}`cryptographic signature`. This procedure results in the appending of a {term}`data signature packet` to the output {term}`OpenPGP message` file, where it can be efficiently stored. To produce an {term}`inline signature`, the {term}`signer` processes the entirety of the data by reading from an input file and writing into an output {term}`OpenPGP message` file. As the data is processed, the {term}`signer` simultaneously calculates a {term}`cryptographic signature`. This procedure results in the appending of a {term}`data signature packet` to the output {term}`OpenPGP message` file, where it can be efficiently stored.
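Review bot: The added sentence links {term}`signature packet(s)<signature packet>`, whereas the other references in this change that name a target use "OpenPGP Signature Packet"; use that target here so the link points at the same glossary entry. The "Creation" paragraph that follows still describes only the flow that appends a data signature packet, so a short remark that it applies to one-pass-signed messages would keep the section consistent with the new distinction.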